Inbound Exploits Are Still A Thing
In a year chock full of juicy network security headlines, two of the biggest so far have been WannaCry and the Equifax breach. Here’s a quick refresher: WannaCry broke out in May (fizzling shortly thereafter), taking advantage of a known vulnerability in the SMB protocol and utilizing an exploit [...]
The CINS Army List Is Changing Today
Since 2012 (before Threat Intelligence was cool) we've published a public list of malicious IP addresses for the community. It goes by many names: CINS Army, CI Army, CINS ... In any case, over 10,000 users (these days those 'users' are automated tools, scripts, and open source projects) now [...]
Apache Struts Vulnerabilities Are Nothing New
With news breaking on the use of an Apache Struts vulnerability in the recent Equifax breach, we thought we'd shed some light on Struts exploits from our perspective. First and foremost: Our customers should know that no Sentinel appliances or servers within the Sentinel infrastructure are affected by these [...]
Securing the Internet of Things
(Still) Securing the Internet of Things Ahh, IoT. Remotely monitoring and configuring your doorbell, washer and dryer, thermostat, security cameras, or just about any applicance or wearable you can imagine is pretty cool. And, the list of IoT devices gets larger every day. But here’s the rub on IoT [...]
June is National Internet Safety Month
National Internet Safety Month is designated by the U.S. Congress and supported by the National Cyber Security Alliance. NCSA advises everyone to follow three easy steps before going online: Stop. Think. Connect.™ At Sentinel IPS, we couldn’t agree more. Stop. Every time you access the Internet is an opportunity [...]
WannaCry Ransomware Attacks Over Mother’s Day Weekend
By now, I’m sure you’re aware of the WannaCry ransomware strain (also known as WanaCrypt0r and Wcry), which broke out over this past weekend. It is currently distributed via a Windows operating system vulnerability in the SMB protocol, and has infected networks in 150 countries worldwide. A lot has [...]
Ransomware – It’s Baaaaa-aaaack!
If you haven't already heard, Locky is back! Borrowing another tactic from the Dridex playbook, we're seeing the Locky campaign use malicious .pdf email attachments as its preferred infection vector. Once opened, the .pdf requests to extract and open a second file (an embedded Office document) which then prompts [...]
Growing Number of HIPAA Breach Fines Enforced
Metro Community Provider Network (MCPN) – a public health nonprofit was fined and paid a $400,000 penalty for allowing a hacker to access employee email accounts and obtain electronic protected health information (ePHI) of 3,200 patients. MCPN provides primary care, pharmacies, social work, dental and behavioral care to approximately [...]
Spear Phishing – It Can Happen to Anyone
I’ve been in the Network Security industry for more than 20 years, which may be the only reason my entire life was not compromised. […]
Why We Sponsor the CINS Army Initiative
The Concept By now, you may have heard of our CINS Army Initiative. (CINS stands for Collective Intelligence Network Security.) […]
